02.04.2019
A JOURNEY OF COREMEDIA DOCKER CONTAINERS
DEC 2017 IN COPENHAGEN
Pack your Bags
SPRING BOOT APPS
> Simple build process with a single artifact
> Process handle tied to the app thread
> Standardized configuration facade
> Production ready features
SPRING BOOT CONFIGURATION
application.jar
> AppStarter.java
> application.properties
> application-dev.properties
./config
> application.conf
> application.properties
> application-dev.properties
$ java -Dcae.is.preview=true -Dspring.profiles.active=dev -jar application.jar
OS: CAE_IS_PREVIEW=false
DOCKER IMAGES
> Simple Maven based build process using the dockerfile-maven-plugin
> Preconfigured as a self-contained docker stack
> Application started as non-root
> Initialization steps included
> Configurable using environment variables
DOCKER IMAGE FILE STRUCTURE
IMAGE STRUCTURE
base-image
> Alpine Linux
> OpenJDK
> User creation & privilege dropping
> Entrypoint Scripts
app-image
> Copy application.jar
> Copy application configuration
> Define Volumes
> Define Healthchecks
DOCKER COMPOSE SETUP
> Single node development setup
> Multi-product configuration
> Local development toggles
> Integration with Jenkins
> Easy to add more services
> Monitoring & metrics
> Log aggregation
DOCKER COMPOSE
> Services
> Networks
> Volumes
repository.url = http://content-management-server:40180/coremedia/ior
application.properties
software defined network
CAE
Contentserver
content-management-server
application.properties
NETWORKING
VIEW FROM ABOVE
THE MAGIC VIEW
> Replacing Apache HTTPd with Traefik
> Running the Sitemanager in the browser
> Log-Aggregation and Metrics with Elastic and Prometheus
Træfik is not a web server; it is a dynamic reverse proxy for Docker, written in Go
TRAEFIK
TRAEFIK
Træfik can listen on the Docker socket for container events and dynamically registers routes based on the labels it finds
TRAEFIK
But Traefik can also be configured:
> using annotations on K8s ingress objects
> many Key/Value stores including Consul, etcd, DynamoDB, Zookeeper …
> via its REST interface
> Files with reloading automation
Docker Host
CAE
Contentserver
preview.FQDN
preview-cae 172.19.0.18
content-management-server
172.19.0.9
Sitemanager
sitemanager 172.19.0.19
sitemanager.FQDN
Webswing runs the sitemanager in a remote Docker container exposing the UI via X virtual frame buffer (Xvfb)
Sitemanager can be opened using any HTML5 browser
No Webstart, no signing jars and HTTPS
No CORBA hole in the firewalls
WEBSWING
coremedia/webswing
WEBSWING BASE IMAGE
METRICS
blueprint-spring-boot-autoconfigure/pom.xml
HEALTHCHECKS
LOG-AGGREGATION
logback-elk.xml
logback.xml
coremedia/java-application-base
> 1.x -> Java 8
> 2.x -> Java 11
SPRING BOOT BASE IMAGE
TELL THE STORY AND CREATE NEW VISIONS
NEW VISIONS
> Building images in docker clouds
> Orchestration with docker clouds
> Automation in docker clouds
BUILDING SECURE
From: https://de.slideshare.net/AkihiroSuda/comparing-nextgeneration-container-image-building-tools/36
GOOGLE JIB
> Java image builder
> Maven support
> No Docker required
> Builds directly into a registry
> Can coexist with spring-boot maven tooling
GOOGLE JIB
ORCHESTRATION
DOCKER SWARM
> Built into Docker
> Simple declarative model extending the docker-compose syntax
> Many plugins for multi-host networking and storage
> Scheduling, Loadbalancing, Scaling
DOCKER SWARM
Docker Compose Docker Swarm
> Restart policies based on healthchecks
> Resource allocation (Java > 10) without JAVA_OPTS
> Configs and secrets
> Placements
> Scaling
KUBERNETES
> Declarative model with strong separation of concerns
> Each aspect is represented by a separate API object
> Cloud Provider specifics (Storage, Networking) are created and configured at cluster initialization and referenced by Ids
> Scheduling, Loadbalancing, Scaling, Jobs …
If you had to sum up Kubernetes in a word, the best choice might not be orchestration but automation
KUBERNETES
Diagram from https://medium.com/@tsuyoshiushio/kubernetes-in-three-diagrams-6aba8432541c
KUBERNETES
If you had to sum up Kubernetes in a word, the best choice might not be orchestration but automation
> API is extensible using
> custom resource definitions (CRD), which are … just data that can be stored in etcd
> custom controllers, which are ... just clients listening to events and changing k8s resources using a watch -> diff -> action control loop (controller pattern)
> A custom controller that manages the operational tasks of a single stateful application is called an operator
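The watch -> diff -> action loop named above, as an added Python example that is not part of the original slides and not CoreMedia or Kubernetes code. The resource names, images and the `diff`/`act`/`reconcile` functions are hypothetical; the desired state stands in for a custom resource and the observed state for what the cluster currently runs.

```python
# Added illustration of the controller pattern; all names and data are constructed.
# DESIRED stands in for a custom resource ("just data"), OBSERVED for the cluster.
DESIRED = {
    "preview-cae": {"image": "example/cae:2", "replicas": 2},
    "content-management-server": {"image": "example/cms:2", "replicas": 1},
}
OBSERVED = {
    "preview-cae": {"image": "example/cae:1", "replicas": 2},
    "sitemanager": {"image": "example/webswing:1", "replicas": 1},
}


def diff(desired, observed):
    """Diff step: list the (verb, name) actions that close the gap."""
    actions = [("create", n) for n in sorted(desired.keys() - observed.keys())]
    actions += [("update", n) for n in sorted(desired.keys() & observed.keys())
                if desired[n] != observed[n]]
    actions += [("delete", n) for n in sorted(observed.keys() - desired.keys())]
    return actions


def act(desired, observed, actions):
    """Action step: apply the actions and return the new observed state."""
    state = {name: dict(spec) for name, spec in observed.items()}
    for verb, name in actions:
        if verb == "delete":
            del state[name]
        else:  # create and update both write the desired spec
            state[name] = dict(desired[name])
    return state


def reconcile(desired, observed, max_rounds=3):
    """Loop watch -> diff -> action until the states match (level-triggered)."""
    history = []
    for _ in range(max_rounds):
        actions = diff(desired, observed)   # "watch" is modelled as a re-read
        if not actions:
            break                           # converged: nothing left to do
        history.append(actions)
        observed = act(desired, observed, actions)
    return observed, history


if __name__ == "__main__":
    final, history = reconcile(DESIRED, OBSERVED)
    print(history)
    print(final == DESIRED)
```

Because the loop compares whole states rather than replaying events, running it again on a converged state produces no actions, and anything running that the desired state does not declare is removed.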
ORCHESTRATION & AUTOMATION
COREMEDIA'S STRATEGY
> We will provide a swarm deployment, probably replacing the docker-compose setup
> We will invest in Kubernetes integration for our CMCC Services
> official Helm charts
> custom resources and operators
> We are convinced that Traefik will be part of our strategy
> Our goal for the CoreMedia Stack is to become a cloud-native application
Questions